Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Re: eDirectory together with Active Directory

914 views
Skip to first unread message

craig wilson

unread,
Mar 3, 2010, 2:16:04 PM3/3/10
to
Note: Depending on which Novell products you own/use, you may already be
licensed for a limited version of IDM that will synch AD/eDir.

It is quite common for customers to have both AD and eDir on their
networks, so don't fret about doing something unusual.

On 3/3/2010 1:58 PM, Fernando wrote:
> mattmarx wrote:
>> Hi,
>>
>> is it possible to run eDirectory and Active Directory both on the same
>> network? So far we only got eDirectory but might need to have AD as well
>> in order to make use of some MS service.
>>
>> Is there documentation somewhere about best practices, how to import
>> eDir users to AD and how to keep them synchronized?
>>
>> Thank you,
>>
>> Matthias
>>
>>
>
> It is possible to run both together, yes. As for sharing resources
> and/or keeping things in sync, there are 2 different Novell products
> that might fit your bill.
>
> One is Identity Manager, docs at:
> http://www.novell.com/documentation/idm36/
> and
> http://www.novell.com/documentation/idm36drivers/
> (on the second link you want the Driver for Active Directory documentation)
>
> The other one is Domain Services for Windows, docs at:
> http://www.novell.com/documentation/oes2/
>
> IDM will sync the data back and forth, including passwords. Requires
> more knowledge to setup and maintain properly. DSfW integrates AD and
> eDir with some limitations. So depending on your business needs you can
> choose the one that will provide what you need.
>
> Cheers,
>
> -Fernando

Fernando

unread,
Mar 3, 2010, 1:58:39 PM3/3/10
to

David Gersic

unread,
Mar 3, 2010, 2:29:01 PM3/3/10
to
On Wed, 03 Mar 2010 18:26:01 +0000, mattmarx wrote:

> is it possible to run eDirectory and Active Directory both on the same
> network?

Yes.

> Is there documentation somewhere about best practices, how to import
> eDir users to AD and how to keep them synchronized?

"Best" depends on how far you want to go. You can emulate an Active
Directory using Domain Services for Windows (DSfW) from Novell, which
makes part of your eDirectory tree appear to be a domain.

Or, you can build a full Active Directory using Novell's Identity
Manager. You might check CoolSolutions for some cookbook setup articles
on building this to get you up and running quickly.


--
---------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu
Novell Knowledge Partner http://forums.novell.com

Please post questions in the newsgroups. No support provided via email.

David Gersic

unread,
Mar 3, 2010, 4:29:02 PM3/3/10
to
On Wed, 03 Mar 2010 20:06:01 +0000, mattmarx wrote:

> Thank you all for the quick replies!
>
> All we really need to sync is user names and passwords.
>
> I'll check into it whether or not we are licensed to that limited
> version of IDM.

Note that the "bundle" is only licensing. You have the same code as
everybody else, but you're entitled to use only the licensed drivers that
are in the bundle.


> Is DSfW able to sync passwords as well or is that one of its
> limitations?

DSfW doesn't sync passwords at all, because it doesn't need to. It
emulates a domain, and provides what appears to be Windows domain users
and passwords.

0 new messages